Examples with AccessControlList javax.jcr.security.AccessControlList used on opensource projects

Search in sources :

Example 26 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit by apache.

the class UserImporterTest method testAccessControlActionExecutionForUser2.

public void testAccessControlActionExecutionForUser2() throws Exception {
    AccessControlAction a1 = new AccessControlAction();
    a1.setUserPrivilegeNames(Privilege.JCR_ALL);
    umgr.setAuthorizableActions(new AuthorizableAction[] { a1 });
    String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + "   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + "   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + "</sv:node>";
    NodeImpl target = (NodeImpl) sImpl.getNode(umgr.getUsersPath());
    try {
        doImport(target, xml);
        Authorizable a = umgr.getAuthorizable("t");
        assertNotNull(a);
        assertFalse(a.isGroup());
        AccessControlManager acMgr = sImpl.getAccessControlManager();
        AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
        assertNotNull(policies);
        assertEquals(1, policies.length);
        assertTrue(policies[0] instanceof AccessControlList);
        AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
        assertEquals(1, aces.length);
        assertEquals("tPrincipal", aces[0].getPrincipal().getName());
    } finally {
        sImpl.refresh(false);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessControlAction(org.apache.jackrabbit.core.security.user.action.AccessControlAction) NodeImpl(org.apache.jackrabbit.core.NodeImpl) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) AccessControlEntry(javax.jcr.security.AccessControlEntry)

Example 27 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit by apache.

the class UserImporterTest method testAccessControlActionExecutionForUser.

public void testAccessControlActionExecutionForUser() throws Exception {
    AccessControlAction a1 = new AccessControlAction();
    a1.setUserPrivilegeNames(Privilege.JCR_ALL);
    umgr.setAuthorizableActions(new AuthorizableAction[] { a1 });
    String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"t\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + "   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:User</sv:value></sv:property>" + "   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>e358efa4-89f5-3062-b10d-d7316b65649e</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:password\" sv:type=\"String\"><sv:value>{sha1}8efd86fb78a56a5145ed7739dcb00c78581c5375</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>tPrincipal</sv:value></sv:property>" + "</sv:node>";
    NodeImpl target = (NodeImpl) sImpl.getNode(umgr.getUsersPath());
    try {
        doImport(target, xml);
        Authorizable a = umgr.getAuthorizable("t");
        assertNotNull(a);
        assertFalse(a.isGroup());
        AccessControlManager acMgr = sImpl.getAccessControlManager();
        AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
        assertNotNull(policies);
        assertEquals(1, policies.length);
        assertTrue(policies[0] instanceof AccessControlList);
        AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
        assertEquals(1, aces.length);
        assertEquals("tPrincipal", aces[0].getPrincipal().getName());
    } finally {
        sImpl.refresh(false);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessControlAction(org.apache.jackrabbit.core.security.user.action.AccessControlAction) NodeImpl(org.apache.jackrabbit.core.NodeImpl) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) AccessControlEntry(javax.jcr.security.AccessControlEntry)

Example 28 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit by apache.

the class UserImporterTest method testAccessControlActionExecutionForGroup.

public void testAccessControlActionExecutionForGroup() throws Exception {
    AccessControlAction a1 = new AccessControlAction();
    a1.setGroupPrivilegeNames(Privilege.JCR_READ);
    umgr.setAuthorizableActions(new AuthorizableAction[] { a1 });
    String xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>\n" + "<sv:node sv:name=\"g\" xmlns:mix=\"http://www.jcp.org/jcr/mix/1.0\" xmlns:nt=\"http://www.jcp.org/jcr/nt/1.0\" xmlns:fn_old=\"http://www.w3.org/2004/10/xpath-functions\" xmlns:fn=\"http://www.w3.org/2005/xpath-functions\" xmlns:xs=\"http://www.w3.org/2001/XMLSchema\" xmlns:sv=\"http://www.jcp.org/jcr/sv/1.0\" xmlns:rep=\"internal\" xmlns:jcr=\"http://www.jcp.org/jcr/1.0\">" + "   <sv:property sv:name=\"jcr:primaryType\" sv:type=\"Name\"><sv:value>rep:Group</sv:value></sv:property>" + "   <sv:property sv:name=\"jcr:uuid\" sv:type=\"String\"><sv:value>b2f5ff47-4366-31b6-a533-d8dc3614845d</sv:value></sv:property>" + "   <sv:property sv:name=\"rep:principalName\" sv:type=\"String\"><sv:value>gPrincipal</sv:value></sv:property>" + "</sv:node>";
    NodeImpl target = (NodeImpl) sImpl.getNode(umgr.getGroupsPath());
    try {
        doImport(target, xml);
        Authorizable a = umgr.getAuthorizable("g");
        assertNotNull(a);
        assertTrue(a.isGroup());
        AccessControlManager acMgr = sImpl.getAccessControlManager();
        AccessControlPolicy[] policies = acMgr.getPolicies(a.getPath());
        assertNotNull(policies);
        assertEquals(1, policies.length);
        assertTrue(policies[0] instanceof AccessControlList);
        AccessControlEntry[] aces = ((AccessControlList) policies[0]).getAccessControlEntries();
        assertEquals(1, aces.length);
        assertEquals("gPrincipal", aces[0].getPrincipal().getName());
    } finally {
        sImpl.refresh(false);
    }
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) AccessControlAction(org.apache.jackrabbit.core.security.user.action.AccessControlAction) NodeImpl(org.apache.jackrabbit.core.NodeImpl) Authorizable(org.apache.jackrabbit.api.security.user.Authorizable) AccessControlEntry(javax.jcr.security.AccessControlEntry)

Example 29 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit by apache.

the class AuthorizableActionTest method assertAcAction.

private static void assertAcAction(Authorizable a, UserManagerImpl umgr) throws RepositoryException, NotExecutableException {
    Session s = umgr.getSession();
    AccessControlManager acMgr = s.getAccessControlManager();
    boolean hasACL = false;
    AccessControlPolicyIterator it = acMgr.getApplicablePolicies("/");
    while (it.hasNext()) {
        if (it.nextAccessControlPolicy() instanceof AccessControlList) {
            hasACL = true;
            break;
        }
    }
    if (!hasACL) {
        for (AccessControlPolicy p : acMgr.getPolicies("/")) {
            if (p instanceof AccessControlList) {
                hasACL = true;
                break;
            }
        }
    }
    if (!hasACL) {
        throw new NotExecutableException("No ACLs in workspace containing users.");
    }
    String path = a.getPath();
    assertEquals(1, acMgr.getPolicies(path).length);
    assertTrue(acMgr.getPolicies(path)[0] instanceof AccessControlList);
}
Also used : AccessControlManager(javax.jcr.security.AccessControlManager) AccessControlList(javax.jcr.security.AccessControlList) AccessControlPolicy(javax.jcr.security.AccessControlPolicy) NotExecutableException(org.apache.jackrabbit.test.NotExecutableException) AccessControlPolicyIterator(javax.jcr.security.AccessControlPolicyIterator) Session(javax.jcr.Session)

Example 30 with AccessControlList

use of javax.jcr.security.AccessControlList in project jackrabbit by apache.

the class ACLProvider method getEffectivePolicies.

/**
 * @see org.apache.jackrabbit.core.security.authorization.AccessControlProvider#getEffectivePolicies(org.apache.jackrabbit.spi.Path,org.apache.jackrabbit.core.security.authorization.CompiledPermissions)
 */
public AccessControlPolicy[] getEffectivePolicies(Path absPath, CompiledPermissions permissions) throws ItemNotFoundException, RepositoryException {
    checkInitialized();
    NodeImpl targetNode;
    List<AccessControlList> acls = new ArrayList<AccessControlList>();
    if (absPath == null) {
        targetNode = (NodeImpl) session.getRootNode();
        if (isRepoAccessControlled(targetNode)) {
            if (permissions.grants(targetNode.getPrimaryPath(), Permission.READ_AC)) {
                acls.add(getACL(targetNode, N_REPO_POLICY, null));
            } else {
                throw new AccessDeniedException("Access denied at " + targetNode.getPath());
            }
        }
    } else {
        targetNode = (NodeImpl) session.getNode(session.getJCRPath(absPath));
        NodeImpl node = getNode(targetNode, isAcItem(targetNode));
        // collect all ACLs effective at node
        collectAcls(node, permissions, acls);
    }
    // if no effective ACLs are present -> add a default, empty acl.
    if (acls.isEmpty()) {
        // no access control information can be retrieved for the specified
        // node, since neither the node nor any of its parents is access
        // controlled. TODO: there should be a default policy in this case (see JCR-2331)
        log.warn("No access controlled node present in item hierarchy starting from " + targetNode.getPath());
    }
    return acls.toArray(new AccessControlList[acls.size()]);
}
Also used : AccessControlList(javax.jcr.security.AccessControlList) UnmodifiableAccessControlList(org.apache.jackrabbit.core.security.authorization.UnmodifiableAccessControlList) AccessDeniedException(javax.jcr.AccessDeniedException) NodeImpl(org.apache.jackrabbit.core.NodeImpl) ArrayList(java.util.ArrayList)

Aggregations

AccessControlList (javax.jcr.security.AccessControlList)97 AccessControlEntry (javax.jcr.security.AccessControlEntry)49 AccessControlManager (javax.jcr.security.AccessControlManager)49 AccessControlPolicy (javax.jcr.security.AccessControlPolicy)39 Privilege (javax.jcr.security.Privilege)25 Node (javax.jcr.Node)17 RepositoryException (javax.jcr.RepositoryException)17 JackrabbitAccessControlList (org.apache.jackrabbit.api.security.JackrabbitAccessControlList)17 AccessControlPolicyIterator (javax.jcr.security.AccessControlPolicyIterator)15 NotExecutableException (org.apache.jackrabbit.test.NotExecutableException)15 Test (org.junit.Test)13 Principal (java.security.Principal)12 AccessDeniedException (javax.jcr.AccessDeniedException)12 ArrayList (java.util.ArrayList)9 HashSet (java.util.HashSet)6 AccessControlException (javax.jcr.security.AccessControlException)6 Authorizable (org.apache.jackrabbit.api.security.user.Authorizable)6 NodeImpl (org.apache.jackrabbit.core.NodeImpl)6 MetadataRepositoryException (com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException)5 AccessControlException (java.security.AccessControlException)5
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial